- name: Install jenkins repo on stg
  copy: src=jenkins.repo dest=/etc/yum.repos.d/jenkins.repo
  when: env == "staging"
  tags:
  - koschei
  - config
  - packages
  - yumrepos

- name: install packages
  yum: name={{ item }} state=installed
  with_items:
  - koschei
  - lbzip2
  - postgresql
  tags:
  - koschei
  - packages

- name: install config files
  template: >
    src="{{ item }}.j2"
    dest="/etc/koschei/{{ item }}"
    owner=koschei
    group=koschei
    mode=0400
  with_items:
  - config.cfg
  - config-admin.cfg
  notify:
  - restart koschei-polling
  - restart koschei-resolver
  - restart koschei-scheduler
  - restart koschei-watcher
  - reload httpd
  tags:
  - koschei
  - config

- name: install koschei fedmsg config
  copy: src=koschei.py dest=/etc/fedmsg.d/koschei.py
  notify:
  - restart koschei-polling
  - restart koschei-resolver
  - restart koschei-scheduler
  - restart koschei-watcher
  tags:
  - koschei
  - config
  - fedmsgdconfig

- name: install koji key and cert
  copy: >
    src="{{ private }}/files/koschei/koschei.pem"
    dest="/etc/koschei/koschei.pem"
    owner=koschei
    group=koschei
    mode=0400
  notify:
  - restart koschei-scheduler
  tags:
  - koschei
  - config

- name: install koji ca cert
  copy: >
    src="{{ private }}/files/fedora-ca.cert"
    dest="/etc/koschei/fedora-ca.cert"
    owner=root
    group=root
    mode=0644
  notify:
  - restart koschei-polling
  - restart koschei-resolver
  - restart koschei-scheduler
  - restart koschei-watcher
  - reload httpd
  tags:
  - koschei
  - config

- name: install httpd config file
  template: >
    src="httpd.conf.j2"
    dest="/etc/httpd/conf.d/koschei.conf"
  notify:
  - reload httpd
  tags:
  - koschei
  - config

- name: enable services to start on boot
  action: service name={{ item }} state=running enabled=true
  with_items:
  - koschei-polling
  - koschei-resolver
  - koschei-scheduler
  - koschei-watcher
  tags:
  - koschei
  - service

- name: allow httpd to connect to db
  seboolean: name={{ item }} state=yes persistent=yes
  with_items:
  - httpd_can_network_connect
  - httpd_can_network_connect_db
  notify:
  - reload httpd
  tags:
  - koschei
  - selinux

- name: Copy the cleanup cronjob
  template: src=cron-db-cleanup.j2 dest=/etc/cron.d/cron-db-cleanup
  tags:
  - koschei
  - config

- name: access to postgres for scripts
  template: src=pgpass.j2 dest=/var/cache/koschei/.pgpass
            owner=koschei group=koschei mode=0600
  tags:
  - koschei
  - config
